Run strongdm/comply within GitHub Actions directly on your compliance repository.
Saves you from setting up a server to run scheduler via cron and the like.
The easier integration to setup. Commit your comply.yml to the repo, but omit the token field in the github ticket settings and it will be read from ENV directly by the action.
Here's an example workflow config file that you should put somewhere like .github/workflows/scheduler.yml
name: Compliance Scheduler
on:
schedule:
- cron: "* 0 * * *"
jobs:
scheduler:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@master
- uses: hecateapp/comply-action@master
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
args: schedulerJIRA is slightly trickier to setup as comply does not yet read JIRA authentication settings from ENV and we must inject them into config directly. On your repository settings page you must add two secrets: JIRA_USERNAME and JIRA_PASSWORD (see comply docs for what are appropriate values for that).
You then need to set up your comply.yml like this and commit it to allow the settings to be injected.
name: "Acme"
filePrefix: "Acme"
tickets:
jira:
username: <JIRA_USERNAME>
password: <JIRA_PASSWORD>
project: comply
url: https://yourjira
taskType: TaskHere's an example workflow config file that you should put somewhere like .github/workflows/scheduler.yml
name: Compliance Scheduler
on:
schedule:
- cron: "* 0 * * *"
jobs:
scheduler:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@master
- uses: hecateapp/comply-action@master
with:
args: scheduler
jira_username: ${{ secrets.JIRA_USERNAME }}
jira_password: ${{ secrets.JIRA_PASSWORD }}Not yet supported.
Brought to you by Hecate - GitHub apps to help manage teams better